On Mon, 15 Feb 2016, at 13:45, Al Iverson wrote:

> Thus, I don't see this as much of a real issue, to be honest.

I agree. Still, I'd prefer some way to convince users to update their 
configurations.

> But if you're looking for ideas on how to ease your personal pain: 
> You could null route the connecting IP just to keep the noise out of 
> your logs, if the connecting IP is unchanging.

That's essentially what I am doing. Usually, I use iptables -j DROP, 
but I also tried --reject-with tcp-reset. I was hoping that either 
DROP, tcp-reset or nothing (i.e. have the auth daemon reject the 
login) would make a difference, but I couldn't find any change in 
behavior.

> You could re-enable the account to be able to check mail, but not 
> receive mail, to keep from alerting, but to prevent the user from 
> getting value from the account.

I thought about this, too. However, I am not sure how MUAs with sync 
enabled react when they see empty and missing folders (and I haven't 
yet bothered to try it out), because I wouldn't want to keep old users' 
mail, of course.

> Or you could update your intrusion detection to ignore references to 
> these accounts.

Yep, that was my plan so far.

Another option would be to send reminders to the users. I haven't done 
this yet because I don't feel comfortable telling them to delete 
something. But I just had the idea to compile instructions on how to 
disable a config and keep it from checking for new mail by changing 
the server's hostname to localhost.

Or maybe not, because many users don't even know which of their 
devices has old configurations. *sigh*

Let's go with ignoring it, and waiting until they re-install their PCs 
or buy new phones ;)

-- 
-- Andreas


_______________________________________________
mailop mailing list
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
